>>> Dennis Leeuw <[email protected]> schrieb am 18.02.2014 um 12:24 in Nachricht <[email protected]>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi Ulrich, > > No I hadn't, didn't even know it existed. But reading up on it it > seems a server side configuration we do not have. > > Running the getent several times on a host shows nice round-robin > behaviour, so my guess it is somewhere in the client-side config or > caching, or...
Do you run nscd? > > Dennis > > On 02/18/2014 12:09 PM, Ulrich Windl wrote: >> Hi! >> >> Did you read the bind manual pages about "sortlist"? >> >> Ulrich >> >>>>> Dennis Leeuw <[email protected]> schrieb am 18.02.2014 um >>>>> 10:33 in >> Nachricht <[email protected]>: Hi all, >> >> I hope I am on the right list for the problem I am experiencing. >> >> We have two subnets 192.168.196. 192.168.222. >> >> Our main LDAP servers run in 192.168.196. and are load-balanced by >> round-robin DNS. The 192.168.196. network is exhausted, so we added >> a new LDAP slave to 192.168.222. and added the IP address to the >> round-robin pool. But it seems that it is only used by other >> servers in the 192.168.222 network and not by servers in the >> 192.168.196. network >> >> This setup has now been running for 6 days, with nscd.conf: >> enable-cache hosts yes positive-time-to-live hosts >> 3600 >> negative-time-to-live hosts 20 suggested-size >> hosts 211 >> check-files hosts yes persistent hosts >> yes shared hosts yes >> max-db-size hosts 33554432 >> >> and nslcd.conf: uid nslcd gid ldap uri >> ldap://ldap.div.ourdomain.nl/ base dc=div,dc=ourdomain,dc=nl ssl >> no tls_cacertdir /etc/openldap/cacerts >> >> The LDAP server in the 192.168.222 range serves only 33 >> connections all from the 192.168.222 range, and the 2 hosts in the >> 192.168.196 range serve 599 and 706 connections. The last 2 servers >> do serve the 143.121.222. network also. So might there be some >> caching issue? >> >> $ getent ahost ldap.div.ourdomain.nl 192.168.196.190 STREAM >> ldap.div.ourdomain.nl 192.168.196.190 DGRAM 192.168.196.190 RAW >> 192.168.196.151 STREAM 192.168.196.151 DGRAM 192.168.196.151 RAW >> 192.168.222.179 STREAM 192.168.222.179 DGRAM 192.168.222.179 RAW >> >> Is this the right list for this question? And if so can someone >> help me understand what is going on? >> >> With kind regards, >> >> Dennis Leeuw >> >>> >>> ------------------------------------------------------------------------------ >>> >>> >>> > De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is >>> uitsluitend bestemd voor de geadresseerde. Indien u dit bericht >>> onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken >>> en de afzender direct te informeren door het bericht te >>> retourneren. Het Universitair Medisch Centrum Utrecht is een >>> publiekrechtelijke rechtspersoon in de zin van de W.H.W. (Wet >>> Hoger Onderwijs en Wetenschappelijk Onderzoek) en staat >>> geregistreerd bij de Kamer van Koophandel voor Midden-Nederland >>> onder nr. 30244197. >>> >>> Denk s.v.p aan het milieu voor u deze e-mail afdrukt. >>> >>> ------------------------------------------------------------------------------ >>> >>> >>> > This message may contain confidential information and is intended >>> exclusively for the addressee. If you receive this message >>> unintentionally, please do not use the contents but notify the >>> sender immediately by return e-mail. University Medical Center >>> Utrecht is a legal person by public law and is registered at the >>> Chamber of Commerce for Midden-Nederland under no. 30244197. >>> >>> Please consider the environment before printing this e-mail. >> >> >> > > - -- > ICT Medewerker > Divisie Biomedische Genetica > UMC Utrecht > Heidelberglaan 100 STR2.126 > 3584 CX Utrecht > The Netherlands > 06 27744048 > intern: 64048 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQEcBAEBAgAGBQJTA0LeAAoJEMVYYpdbQscoJzcIALwJg+KKcoP5ea5sWqpOYFgY > h242bt7oZFTG4Wx9hy/e1xQDpBtcYtN7WM+DzShQknWPRhhiEynBjE0KJNlHpXx9 > GM35X17fyz7gR7BXiVXxtN0vddhn1GbYxQokR7Oop5DfpqVrtdGYb6n+HdfKlg4e > fboi5z8Mf4ev1IGrnRFKmjij/xusqbKRiyoWeyGaltPCHQslhSL8SgH78GRQCEjA > heyE3EjNTdyr9JuSZseoxZQs3cqSu56RVBDc0wEXZOC/cptoToiEgXpwLDLdVSSz > E5/sc/9gu6yj/oSeO+ADKn8IgdNb6y+Muqs+KxUNIL1zyQh2LZSR2wu6CMoS2Aw= > =368X > -----END PGP SIGNATURE-----
